[Samba] Active directory authentification with Samba

Simon Renshaw simon at castortech.com
Thu Apr 13 18:07:27 GMT 2006

You mean this? http://us4.samba.org/samba/docs/man/Samba-Guide/kerberos.html Or do you mean something the HOWTO section?

While there are indeed a lot of examples in it, it seems to deal with Windows shares under a Samba domain. No my situation.
Or there is too much fluff and I just missed it.

I will rephrase what I want to do. I want to share / (read and write) and make it available to everybody that is in the Domain Users group of AD. Simple, no?

So in my smb.conf file, the share will look like that?

        path = /
        writeable = yes
        guest ok = yes
	  valid users = @"MONTREAL\Domain Users"

But the Domain Users group is in the Users OU. Should I put Montreal\Users\Domain Users instead?

I have only 1 Linux server and 5-6 users so security (or the lack of it) is not a problem.

Oh, and I never used SWAT.


From: Rob Tanner [mailto:rtanner at linfield.edu] 
Sent: 13 avril, 2006 12:59
To: Simon Renshaw
Cc: samba at lists.samba.org
Subject: Re: [Samba] Active directory authentification with Samba

The samba home page (in SWAT) has a section at the bottom called "Books".   Click on "Samba 3 by Example".  Then click on "Active Directory, Kerberos ans Security".  Go through that material and make sure you've set everything up correctly.  It has a lot of step by step info.

-- Rob

Simon Renshaw said the following on 04/13/2006 08:44 AM: 
I went in the Samba settings and went in the security tab.

I selected ADS, added the IP of my AD server and added my Kerberos realm
(found it by running ksetup on my AD server). 

But since I've done that, I can't even access the server.

The message tells me that the server is not accessible or that I might
not have permission. It also mentions that configuration information
can't be read from the domain controller.

What am I missing?

(Yes, I'm trying to read the doc... 943 pages, ugh)


-----Original Message-----
From: Rob Tanner [mailto:rtanner at linfield.edu] 
Sent: 11 avril, 2006 20:23
To: Simon Renshaw
Cc: samba at lists.samba.org
Subject: Re: [Samba] Active directory authentification with Samba

Use security = ADS or security = DOMAIN

On 04/11/2006 01:17 PM, Simon Renshaw wrote:

I looked at the doc but I can't find what I'm looking for.

I have 1 Linux server (CentOS 4.3) running Samba 3.0.10 in a Windows
2003 AD domain. I modified Samba's conf file to point it to our WINS
server. We can access the share using \\servername. So far so good.

Is there a way to use AD to authenticate the users instead of the
users that are on the server?



More information about the samba mailing list